Data processing systems have, as of recent, seen a large increase in the use thereof. For small users, such as home users, a typical system will run multiple programs that will allow access to various stored data files, allow the user to access resources such as disk drives, modems, faxes, etc. Access to these types of systems is typically what is referred to as “unrestricted”, i.e., any one possessing the required knowledge to access a given program can access it on any unrestricted computer. However, for a larger data processing system that may contain confidential information, the user may be provided access to resources that are billed on a time-use, etc., these systems usually requiring restricted access.
In restricted access systems, a user is typically given an I.D. to the system. A system administrator can then configure a system, via a network or even a stand-alone system, to define the user's access to the system, once the user has logged in to the system. For example, in the network environment, there are a plurality of network drives, network resources such as printers, faxes and mailboxes, etc. The user has a configuration file that defines what access the user has. Upon logging in, the network will then access the configuration table and allow that user access to the given system resources. The user can then execute a program and utilize the program to access the resources through something as simple as a disk operating system (DOS). The disadvantage to this type of access is that the user now has full access to resources for any purpose, other than the purpose for which the user was given access.
As an example, a user may need access to a modem for the purpose of running database searching software. This database searching software allows the user to dial up a provider with the modem to perform predefined searching. In order for a prior restricted system to utilize the modem, the user must be granted access to a given serial port. However, the user need not run the database searching software in order to have access to the modem. This allows the user to run other programs that can gain access to the system. The disadvantages to this is that, although the database searching software may have certain restrictions that are inherent in the software itself, a user can bypass this system to utilize the modem for other purposes. This can also be the case with respect to data files, wherein a word processing program has the ability to read and write files and gain access to printers through the word processing software. However, this access must be granted in a global manner, such that the user can access the files and printers via any other means, once logged into the system.
As another example, consider a database that allows access to databases such as payroll, criminal records, etc., which a user has been given access. With current operating system security, the user can certainly go outside of a given program that is utilized with a specific database to copy, delete or even change files in the database outside of the program. As such, there exists a problem in that security for current operating systems provides that resources are allocated based on users or the groups to which the users belong. This therefore allows the user access to those resources even though the process that needs those resources is not being run. These rights will in turn allow the user to use the resource outside of its intended use.
In a general purpose computer system operating with a wide assortment of applications or processes, usually as part of a bundled package, security is based on the control of user access which allows access to all of the resources on the system whether they are needed or not. A disadvantage of this system is that it is not very secure and is prone to break-in or misuse of resources, some of which contain very sensitive information, primarily because of the unrestricted access to resources. All that is required to enter such a system is a user ID and a password. One solution, implementing process-based access to a general purpose computer system, where the access to each resource is controlled in addition to the entry of a user ID and password, would provide an additional level of access control. However, in a general purpose system running many applications with numerous resources, such a solution would be very cumbersome to implement and use as well as very inefficient in the use of system resources.